On Friday March 1, 2024, Jiin Jeong ’21 presented her talk titled “What Top Hackers Do Differently: An Exploration of Cybersecurity, Talent, Strategies, and Fundamentals.” As a former Economics and Computer Science double major at Hamilton, Jeong was eager to present the various conclusions she came to following her time post-graduation. Among her many notable professional experiences, she interned for investment banking group Goldman Sachs, was awarded the Thomas J. Watson Fellowship for the 2021–2022 academic year and is currently pursuing a Masters in Information Security at Carnegie Mellon University as a CyberCorps SFS Scholar.

Jeong began her talk by outlining what is considered the modern-day mainstream perception for cybersecurity throughout movies and TV shows. Words such as encryption, router, machine networks, intrusion and detection were most used, shaping understanding of the cybersecurity world. However, Jeong provided a clear definition for cybersecurity: “Protecting networks, devices and data from unauthorized access of criminal use and the practice of ensuring confidentiality, integrity and the availability of information.” She further stressed the need for “trustworthy and reliable data, while remaining confidential. We want things to be available to the public when they require it.”

Following her introductory segment, Jeong dove into work she is currently conducting as a Masters candidate. Her cybersecurity research at Carnegie Mellon focuses on global cybersecurity education and policy. As part of her program, Jeong works closely with cybersecurity researchers and educators worldwide that have shared their insights at what she coined “the Super Bowl of Cybersecurity:” DEF CON. The annual conference, held this year in Las Vegas, brings together computer security professionals from around the world to collaborate in team-building activities through Capture-the-Flag (CTF) competitions.

Among the findings she has collected from her research, Jeong underlined South Korea’s prominence in the cybersecurity field. “South Korea has a nationwide best-of-the-best program among nations, with high internet and science high schools. It is very industry and research oriented… Top cyber companies, such as Samsung, collaborate closely with these nationwide programs. Specialization happens early on, there is so much cyber-specific content in South Korea in comparison to the U.S.,” Jeong said. Moreover, China is pursuing “an aggressive cybersecurity investment,” according to Jeong, as exemplified by China’s National Cybersecurity Center (CNCC). In contrast to American cyber security infrastructure, CNCC is “twice as big as Fort Mead, where the U.S. and NSA pursue its cyber operations from,” Jeong stated. Finally, Jeong focused on U.S. involvement in developing its cybersecurity program relative to international competition. She concluded that “the U.S. emphasizes the importance of solid basic skills and hands-on research skills. It holds a strong alumni network, experts come back and train students to solve problems.” When addressing the limitations of her research, Jeong rhetorically asked: “how do CTF competitions relate to real life?” She highlighted that “the people working at CTF’s are full-time employees that lead threat-analysis teams for the U.S. in China and work on secret missions for the NSA. Their work most definitely translates to the real world.”

Jeong continued by spotlighting PicoCTF, Carnegie Mellon University’s computer science education program, which she has personally benefited from. Jeong emphasizes PicoCTF as the “largest learning platform for K-12 students in the U.S., it focuses on sex key domains for cybersecurity: General Skills, Cryptography, Web Exploitation, Forensics, Binary Exploitation, and Reversing.” Jeong added that PicoCTF’s supporting materials, PicoGYM and PicoPrimer, stands as “an area to build cybersecurity skills across a ranges of difficulties” and “a platform to write how you got your solutions, understand how past problem-solvers won these competitions,” respectively.

In the near future, Jeong will spearhead an upcoming PicoCTF event in collaboration with Carnegie Mellon University’s School of Computer Science. The program consists of various escape rooms with four distinct stations, concentrating on cryptography, network security, physical security and social engineering. The event is intended specifically for “6th-8th grade middle school girls,” who can enhance their understanding of cybersecurity by learning about “spoofing attacks, phishing, open source intelligence, and lock picking,” among others, as Jeong claims. Jeong’s Watson Fellowship research further discovered that cybersecurity has a “9–1 man to woman ratio in the U.S. and 93–7 man to woman ratio in South Korea.” Jeong hopes her work can help diversify the field. In April, she will be attending BSides Seattle 2024 Conference to present her research.

When thinking about lessons she has learned about being a student in the cyber field, Jeong acknowledges that “[she] took a chance on [herself] and others took a chance on [her] to help [her] develop. We often shy away from opportunities, but bringing yourself into it is so important. Even when I got into CMU, I debated whether or not I would succeed in the program. Being open to opportunities brought me to great mentors, networking opportunities, and talks at Hamilton!” As advice for students looking to pursue a career in the cyber field, Jeong hopes her experience can be an inspiration for others. “When people put in two hours, I put in four. While I had time-management skills, my technical knowledge was below average. I did things earlier so I could ask questions earlier and succeed. It’s a soft skill that people should grasp. Learning to reach out for resources and leveraging my skills and research is crucial. Think about your strengths, how you read and learn. The learning curve is steep, but it will help you grow.”